EAP-TLS and Active Directory
S.P.Armitage at lboro.ac.uk
Wed Nov 25 12:14:20 CET 2015
> On 25 Nov 2015, at 11:07, Matthew Newton <mcn4 at LEICESTER.AC.UK> wrote:
> On Wed, Nov 25, 2015 at 10:22:52AM +0100, Simon Larsson wrote:
>> My goal here is to have it so that when a user connects to the
>> network, the user should automatically get access that users
>> network resources.
> As has been said there are many ways to do this.
> We check the certificate subject against the AD LDAP to ensure
> that the machine is permitted to connect.
Not telling you how to suck eggs Matthew, but couldn’t you improve efficiency by using an OCSP check instead.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Freeradius-Users